Snort mailing list archives
Re: Using Snort for Wireless
From: Nick Petroni <npetroni () cs umd edu>
Date: Thu, 4 Apr 2002 11:05:39 -0500 (EST)
Thanks AAron for pointing that out, I am just weeding out my inbox now so I didn't reply earlier. As AAron stated these patches are for 1.8.3. They only decode 802.11 data frames (and keep minor statistics on the amount of management frames seen). I have a patch for the current cvs tree that adds a flag for dumping all 802.11 frames and am working on the plugins AAron mentioned for some rules. I can make these available now, but would prefer to wait until I get a little more work done. nick Nick L. Petroni, Jr. Graduate Student, Computer Science University of Maryland http://www.cs.umd.edu/~npetroni On Wed, 3 Apr 2002, Aaron Richard Walters wrote:
There was someone at University of Maryland working on this stuff: www.cs.umd.edu/~npetroni/snort.html and he posted an email to this list which I'm sure you can find in the archives. These were diffs against 1.8.3 stable but I've heard that he has a new patch that he's working on. I've also heard that he has written some new plugins for rules to be written for wireless. AW On Wed, 3 Apr 2002, Lists wrote:Has anyone thought of using Snort specifically geared towards wireless? I would think that rules can be written specifically towards wireless use (like writing a rule to look for 'All your 802.11 belong to us' to look for Netstumblers?). Has anybody already done this? Any thoughts? _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Using Snort for Wireless Lists (Apr 03)
- Re: Using Snort for Wireless Mike Craik (Apr 03)
- Re: Using Snort for Wireless james (Apr 03)
- Re: Using Snort for Wireless Skip Carter (Apr 03)
- Re: Using Snort for Wireless Erek Adams (Apr 03)
- Re: Using Snort for Wireless Aaron Richard Walters (Apr 04)
- Re: Using Snort for Wireless Mike Craik (Apr 04)
- Re: Using Snort for Wireless Nick Petroni (Apr 04)
- what would be the appropriate thing to do? Onie Camara (Apr 04)